[keycloak-user] Improvement required in password policy evaluation

mj lists at merit.unu.edu
Thu Sep 28 02:58:43 EDT 2017


Oh YES.

We 100% agree with this.

It would even be nicer if all requirements would be displayed by 
default, each requirement with:

- a red cross if not yet satisfied
- a green checkmark when satisfied

So you would see red crosses turning into green checkmarks, while 
composing the password, as each requirement is fullfilled.

Since you have to provide the new password twice, you could even have a 
requirement that 'both password have to match', with a red cross, until 
they match.

MJ

On 09/28/2017 07:29 AM, Shaikh Asrafali Anwarali wrote:
> Hello,
> 
> 
> 
> The Keycloak shows PASSWORD construction rule one at a time when it fail to adhere to it.
> 
> 
> 
> For example :
> 
> Applied password policy are :
> 
> 1.       specialChars
> 
> 2.       upperCase
> 
> 3.       passwordHistory
> 
> 4.       length
> 
> 5.       digits
> 
> 6.       notUsername
> 
> 7.       lowerCase
> 
> 
> 
> If I set my password as "abcd"
> 
> I get error message saying " there has to be special character"   then I changed it to abcd@
> 
> After that I get message saying, there has to be 1 capital letter ... It goes on and one till all the policy is satisfied
> 
> 
> 
> There is a requirement that all failure reasons should be displayed at once or at least show the configures password rules somewhere on this screen.
> 
> On page I have all the data available, like in realm.passwordPolicy -  have all the configured password policy data.
> 
> But not sure how messages can be  formulated so that internationalization is also maintained.
> 
> 
> 
> Is there any way by which it can be achieve?
> 
> 
> 
> 
> 
> Regards,
> 
> Asraf Shaikh
> 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
> 


More information about the keycloak-user mailing list